| Commit message (Collapse) | Author | Age |
|
|
|
|
| |
That did not compile it seems and seems I didn't test it either before
applying. This should do the same thing.
|
| |
|
| |
|
|
|
|
| |
This commit was sponsored by John Peloquin on Patreon.
|
|
|
|
|
|
|
|
| |
Use raaz for random bytestring generation exclusively. It was already used
in all important places, but chaffing was using crypto-random.
Note that System.Random is used for delays during chaffing and
by random-shuffle.
|
|
|
|
|
|
|
|
| |
of work.
This got out of whack when sections were converted to rationals; there were
buckets that needed trivial proofs of work, and having these extra buckets
increased the total possible throughput.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The server has to run the hash once to verify a request, so a hash that
took 4 seconds could make the server do too much work if it's being flooded
with requests.
So, made the hash much less expensive.
This required keeping track of fractional seconds. Actually, I used
Rational for them, to avoid most rounding problems. That turned out nice.
I've only tuned the proofOfWorkHashTunable on my fanless overheating
laptop so far. It seems to be fairly reasonablly tuned though.
|
|
|
|
|
|
|
|
|
|
|
| |
Simplifies code, uses less memory, and don't need to protect
against flooding generation of RequestIDs, since the server does not store
them at all.
Note that the RequestIDSecret is only stored in ram, so restarting the
server will invalidate any RequestIds given out before. It would be
possible now to store that on disk to avoid that problem, but probably not
worth it.
|
|
|
|
| |
In this case, an empty string is hashed to generate the PoW.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Mashed up a argon2-based PoW with token buckets and bloom filters.
This is intended to prevent a few abuses including:
* Using a keysafe server for general file storage, by storing a whole
lot of chunks.
* An attacker guessing names that people will use, and uploading junk
to keysafe servers under those names, to make it harder for others to use
keysafe later.
* An attacker trying to guess the names used for objects on keysafe
servers in order to download them and start password cracking.
(As a second level of defense, since the name generation hash
is expensive already.)
Completely untested, but it builds!
This commit was sponsored by Andreas on Patreon.
|
|
|